﻿using System;

namespace FBGraph.Web.Security
{
    /// <summary>An implementation of <see cref="FBGraphHttpHandler" /> that handles logout requests for WebForms applications.</summary>
    public class FBGraphLogOutRequestHandler : FBGraphHttpHandler
    {
        internal const String PATH = "LOGOUT";

        /// <summary>Removes access token and stored extended permission values for the user.</summary>
        /// <remarks>This does not remove any Facebook application authorizations or authorized extended permissions. It simply makes FBGraph.NET "forget" about the user.</remarks>
        protected override void ProcessRequest()
        {
            this.FbContext.RemoveAccessToken();
            this.FbContext.RemoveApplicationUserCookie();
            this.FbContext.RemoveExtendedPermissions();

            this.Response.Redirect(this.ReturnUrl ?? "~/");
        }
    }
}